CVE-2026-5785HIGH 8.1EPSS p68.8%

CVE-2026-5785CVE-2026-5785

Description

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS1.39% probability of exploitation · percentile 68.8% · 2026-06-19T12:03:05Z
Published2026-04-16
Last modified2026-04-17

Underlying weaknesses· 1

CWE-89

References

  1. https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2026-5785.html

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')cwe-890%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-1367
CVE
CVE-2025-36528
CVE
CVE-2025-3833
CVE
CVE-2025-27709
CVE
CVE-2025-3836
CVE
CVE-2025-36527
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.